<?php
#[表单提交]
require_once("global.php");
$navid="accede";

$returnlink = "accede.php"; //提交后返回链接

if($act == "addok")
{
	$msg = $_POST;
	//禁止的系统标示
	$formsing = array("id","ip","field_content","postdate","ifcheck");
	foreach($msg AS $key=>$value)
	{
		//基本信息
		if($key=="username" || $key=="email" || $key=="tel" || $key=="content")
		{
			$msg_basic[$key] = $STR->safe($value);
		}
		//额外信息
		else
		{
			if(in_array($key,$formsing))
			{
				Error("不允许使用系统标示",$returnlink);
			}
			$msg_field[$key] = $STR->safe($value);
		}
	}
	//表单标示
	$msg["form_sign"] = $msg["form_sign"] ? $msg["form_sign"] : "book";
	//关联后台字段名称
	if($msg_field)
	{
		$msg_fieldlist = form_field($msg["form_sign"],$msg_field);
	}
	if($msg_basic["email"])
	{
		if(!preg_match("/^[-a-zA-Z0-9_\.]+\@([0-9A-Za-z][0-9A-Za-z-]+\.)+[A-Za-z]{2,5}$/",$msg_basic["email"]))
		{
			Error($langs["book_notemail".$bi],$returnlink);
		}
	}
	
	//限制时间发言
	$ip = getipadd();
	$sql = "SELECT postdate FROM ".$prefix."form WHERE ip='".$ip."' AND form_sign='".$msg["form_sign"]."' ORDER BY postdate DESC LIMIT 0,1";
	$rs = $DB->qgGetOne($sql);
	if($rs)
	{
		$time = 300; //限制5分钟留言1次(单位秒)
		$time_c = $system_time-$rs["postdate"];
		if($time_c<$time)
		{
			$time_s = $time-$time_c; //剩余时间
			Error("两次留言时间不得小于5分钟，请".$time_s."秒后再留言。",$returnlink);
		}
	}
	
	//入库
	$updata = $msg_basic;
	$updata["ip"] = $ip;
	$updata["form_sign"] = $msg["form_sign"];
	if($msg_field)
	{
		$updata["field_content"] = addslashes(json_encode($msg_field));
	}
	$updata["postdate"] = $system_time;
	$updata["ifcheck"] = 0;
	$DB->insert("form",$updata);
	unset($update);
	
	if($system["ifsendmail"] && $system["mailaddress"])
	{
		if($system["hostarea"]) //香港主机
		{
			$msg = $STR->safe($_POST);
			$link = "http://sendmail.sangyo.cc/form.php?act=send&mailadd=".base64_encode($system["mailaddress"])."&mailtit=".base64_encode($system["mailtitle"])."&username=".base64_encode($msg_basic["username"])."&email=".base64_encode($msg_basic["email"])."&tel=".base64_encode($msg_basic["tel"])."&content=".base64_encode($msg_basic["content"])."&msg_field=".base64_encode(json_encode($msg_fieldlist))."&returnlink=".base64_encode(SITE_URI_FUL.$returnlink);
			if(BI=="en")
			{
				$link .= "&lan=en";
			}
			header("Location: ".$link);
		}
		else
		{
			$mail_account = get_jsonhtml("http://sendmail.sangyo.cc/api.php"); //获取发送邮件账号
			require("class/class.phpmailer.php"); 
			$smail = new PHPMailer(); //建立邮件发送类
			$smail->CharSet = "utf-8";
			$smail->IsSMTP(); // 使用SMTP方式发送
			$smail->Host = $mail_account["mailhost"]; // 您的企业邮局域名
			$smail->SMTPAuth = true; // 启用SMTP验证功能
			$smail->Username = $mail_account["mailuser"]; // 邮局用户名(请填写完整的email地址)
			$smail->Password = pass_decry($mail_account["mailpass"]); // 邮局密码
			$smail->Port=25;
			$smail->From = $mail_account["mailuser"]; //邮件发送者email地址
			$smail->FromName = $system["mailtitle"];
			$smail->AddAddress("".$system["mailaddress"]."", "a");//收件人地址，可以替换成任何想要接收邮件的email信箱,格式是AddAddress("收件人email","收件人姓名")
			$smail->IsHTML(true);
			$smail->Subject = $system["mailtitle"]."--".date("Y-m-d H:i:s",$system_time); //邮件标题
			
			$contentmail = "<html><head><meta http-equiv='Content-Language' content='zh-cn'><meta http-equiv='Content-Type' content='text/html; charset=utf-8'></head><body>"; 
			$contentmail .="<strong>留言人：</strong>".$msg_basic["username"]."<br />";
			$contentmail .="<strong>电话：</strong>".$msg_basic["tel"]."<br />";
			$contentmail .="<strong>邮箱：</strong>".$msg_basic["email"]."<br />";
			$contentmail .="<strong>留言内容：</strong>".$msg_basic["content"]."<br />";
			
			//自定义字段
			if($msg_fieldlist)
			{
				foreach($msg_fieldlist AS $key=>$value)
				{
					$contentmail .="<strong>".$value["field_name"]."：</strong>".$value["field_content"]."<br />";
				}
			}
			
			$contentmail .="<br />以上为系统(".SITE_URI_FUL.")自动发出的邮件；请勿回复"; //邮件内容
			$contentmail .= "</body></html>";
			
			$smail->Body = $contentmail;
			$smail->Send();
		}
	}
	
	Error($langs["book_sendok".$bi],$returnlink);
}
else
{
	//标题
	$sitetitle = $langs["bookname".$bi]." - ".$system["sitename".$bi];
}
FOOT("accede");
?>